Privacy Policy.

This Privacy Policy describes how Y5 Enterprises ("Y5 Enterprises", "we", "our", "us") collects, uses, discloses and safeguards information when you visit https://y5enterprises.com, request a quote, sign up for newsletters or training sessions, attend an on-site survey, or otherwise interact with our offerings.

It applies to website visitors, prospective and current customers, vendors, channel partners, and job applicants. It does not cover third-party websites, products, or services that you may reach via links from this site - those are governed by their own privacy policies.

By using this site or engaging Y5 Enterprises for IT infrastructure, networking, surveillance or related services, you confirm that you have read and understood this policy.

We collect only the information needed to respond to your enquiry, deliver our services, run our business, and meet our legal obligations. The categories are:

Identity & contact data - your name, business name, designation, work email, phone number, postal address, and any other details you choose to share when you submit a contact form, request a quotation, or send us an email.

Project & technical data - site addresses, floor plans, network topology notes, device counts, asset tags and similar information you share to help us scope a deployment, audit an existing network, or deliver an SLA.

Transactional data - purchase orders, invoices, GSTIN, billing addresses, payment references and tax-related records that we are legally required to keep.

Usage data - your IP address, browser type, operating system, device identifiers, referring URL, pages visited, time-on-page, and similar diagnostic data captured automatically when you browse this site.

Cookies & local storage - small files placed by your browser. See section 06 below.

Recruitment data - if you apply for a role with us, your CV, work history, references and any supporting documents you submit.

Service delivery - to scope, design, install, configure, support, monitor or audit the IT infrastructure you have engaged us to deliver.

Communication - to respond to your enquiry, send a quotation, schedule a site visit, share project status updates, raise tickets, or coordinate AMC and warranty claims.

Marketing - to send occasional updates about new partner-brand product launches, technology bulletins, training sessions, or service offerings, only where you have consented or where there is a legitimate business interest. You may opt out at any time using the unsubscribe link or by writing to us.

Legal & accounting - to issue tax invoices, file GST and income-tax returns, comply with court orders or regulatory requests, and defend legal claims.

Site operation - to keep the website secure, prevent fraud and abuse, monitor uptime, debug issues, and improve content based on aggregate usage.

Under the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology Act, 2000 read with the Reasonable Security Practices and Procedures and Sensitive Personal Data or Information Rules, 2011, we rely on one or more of the following grounds:

Your explicit consent (for example, when you tick a marketing opt-in box or submit a contact form).

Performance of a contract you have entered into with us (for example, executing a deployment or providing post-implementation support).

Compliance with a legal obligation to which Y5 Enterprises is subject (for example, tax record retention).

Legitimate business interests pursued by Y5 Enterprises, balanced against your rights (for example, recovering dues, securing the website, or preventing fraud).

We do not sell, rent, or trade your personal data. We share information only with:

Authorised employees and contractors of Y5 Enterprises who need it to perform their duties and who are bound by confidentiality obligations.

Authorised distributors and OEMs - for example, where TP-Link, Ruijie, D-Link, CommScope, Hikvision, Dahua or another OEM requires registration of an end-customer for warranty activation, support escalation, RMA processing or partner-program tracking. Only the minimum data required for that specific purpose is shared.

Logistics, courier and on-site installation partners who need address and access details to deliver hardware or perform field work on your behalf.

Cloud, hosting and analytics providers who process data on our behalf under written instructions and equivalent confidentiality and security obligations. Currently this includes our website hosting provider, our email and Google Workspace provider, and aggregate analytics providers if and when enabled.

Banks, payment gateways and chartered accountants for processing receivables and complying with statutory audit requirements.

Government authorities, regulators, courts or law-enforcement agencies where we are legally required to disclose information.

Strictly necessary cookies and local-storage entries are used to remember your theme preference (light or dark), keep your navigation state, and ensure the site renders correctly. These cannot be turned off via the site UI but can be cleared via your browser settings.

Performance cookies, when enabled, help us understand which pages are popular and how visitors move through the site. We use these only in aggregate and do not link them to identifiable individuals where avoidable.

We do not use third-party advertising trackers, retargeting pixels, or social-media trackers. If that ever changes, we will update this policy and obtain consent where required.

We keep personal data only for as long as is necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements.

Quote and lead enquiries are typically retained for up to 24 months after last contact, after which they are anonymised or deleted unless you become a customer.

Customer records (project files, invoices, support tickets) are retained for the duration of the engagement and for at least eight years after the last transaction, in line with the Companies Act, 2013 and the GST regime.

Recruitment data of unsuccessful applicants is retained for up to 12 months and then deleted unless you have agreed to be kept on file for future openings.

Server log files and aggregate analytics data are retained for up to 12 months.

Subject to applicable law, you have the right to:

Access - obtain a summary of the personal data we hold about you and the purposes of processing.

Correction - request correction of inaccurate or incomplete data.

Erasure - request deletion of personal data that is no longer required or where you withdraw consent and no other lawful ground applies.

Withdrawal of consent - withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

Grievance redressal - contact our Grievance Officer (see section 11) if you believe your rights have not been honoured.

Nomination - nominate another individual to exercise these rights on your behalf in the event of your death or incapacity.

To exercise any of these rights, write to the Grievance Officer with reasonable proof of identity. We will respond within the timelines mandated by law.

We follow reasonable security practices and procedures consistent with ISO/IEC 27001 principles. These include encrypted transmission (HTTPS) for the website, role-based access control on internal systems, periodic backup, principle-of-least-privilege for staff, mandatory password policies, and secure disposal of decommissioned devices.

However, no method of transmission over the internet or electronic storage is one hundred percent secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

If we ever become aware of a personal data breach that is likely to result in significant harm, we will notify the Data Protection Board of India and affected individuals as required under the DPDP Act.

Our services are intended for businesses and adult professionals. We do not knowingly collect personal data from anyone under the age of 18. If you believe a minor has provided us personal data, please contact the Grievance Officer and we will delete it promptly.

Questions, requests, or complaints regarding this policy or the handling of your personal data should be addressed to our Grievance Officer at the address below. We acknowledge complaints within 48 working hours and aim to resolve them within 30 days, in line with the IT Rules, 2011.

Y5 Enterprises

Y5 Enterprises, Aristocrate, A-4, Ground Floor, Old Nagardas Road, Mogra Pada, Andheri East, Mumbai, Maharashtra - 400069

Phone: +91-9970698755

Email: solution@y5enterprises.com

We may update this Privacy Policy from time to time to reflect changes in our practices, our service offerings, or the law. The "Last updated" date at the top of this page will always reflect the most recent revision. Material changes will be highlighted on the homepage or notified via email where you have provided one.

Effective date: 07 May 2026.